
api 1.0 release

master
RENOX 5 months ago
parent
commit
eb09997052
4 changed files with 145 additions and 32 deletions
  1. +60
    -18
      src/main/java/planetrenox/controller/FormController.java
  2. +42
    -2
      src/main/java/planetrenox/controller/RequestValidation.java
  3. +11
    -5
      src/main/resources/static/index.html
  4. +32
    -7
      src/main/resources/static/js/post.js

+ 60
- 18
src/main/java/planetrenox/controller/FormController.java View File

@@ -5,7 +5,6 @@ import org.springframework.web.bind.annotation.*;
import planetrenox.encryption.AES256_GCM;
import planetrenox.mongodb.Dungeon;
import planetrenox.mongodb.DungeonRepository;
import java.util.HashMap;
import java.util.Map;

@RestController
@@ -15,33 +14,76 @@ public class FormController
private DungeonRepository repository;

/*
* "DOCUMENT_TYPE":"LOGIN" -> Invalid Form Params
* "DOCUMENT_TYPE":"NEW" -> New User
* "DOCUMENT_TYPE":"DECRYPT" -> Success or Failure
*/
* Response Codes:
* "DOCUMENT_TYPE": "VALIDATION_FAILED"
* "DOCUMENT_TYPE": "NEW_USER"
* "DOCUMENT_TYPE": "DECRYPT_SUCCESS" || "DECRYPT_FAILURE"
*/
@PostMapping(path = "/", params = {"name", "password"})
public Map<String, Object> login(@RequestParam("name") String name, @RequestParam("password") String password)
{
Map<String, Object> loginDocument = RequestValidation.validateLogin(name, password);
if ((boolean)loginDocument.get("INVALID")) return loginDocument; // Validation Failed
if ((boolean) loginDocument.get("INVALID")) return loginDocument; // Validation Failed
else // Validation Successful
{
name = (String)loginDocument.get("CLEAN_NAME");
name = (String) loginDocument.get("CLEAN_NAME");
loginDocument.clear();
Dungeon dungeon = repository.findByNameIgnoreCase(name);
if (dungeon==null) // New User
if (dungeon == null) // New User
{
Map<String, Object> newDocument = new HashMap<>();
newDocument.put("DOCUMENT_TYPE", "NEW");
return newDocument;
}
else // Existing Dungeon
loginDocument.put("DOCUMENT_TYPE", "NEW_USER");
return loginDocument;
} else // Existing Dungeon
{
Map<String, Object> decryptDocument = new HashMap<>();
decryptDocument.put("DOCUMENT_TYPE", "DECRYPT");
dungeon.setCleartext(AES256_GCM.decrypt(dungeon.getEncryptionData(), password));
if (dungeon.getCleartext() == null) return decryptDocument;
else decryptDocument.put("DUNGEON", dungeon);
return decryptDocument;
if (dungeon.getCleartext() == null) // DECRYPT FAILURE
{
loginDocument.put("DOCUMENT_TYPE", "DECRYPT_FAILURE");
} else // DECRYPT SUCCESS
{
loginDocument.put("DOCUMENT_TYPE", "DECRYPT_SUCCESS");
loginDocument.put("DUNGEON", dungeon);
}
return loginDocument;
}
}
}

/*
* Response Codes:
* "DOCUMENT_TYPE": "VALIDATION_FAILED"
* "DOCUMENT_TYPE": "SAVED"
* "DOCUMENT_TYPE": "DECRYPT_FAILURE"
*/
@PostMapping(path = "/", params = {"name", "password", "text"})
public Map<String, Object> save(@RequestParam("name") String name, @RequestParam("password") String password, @RequestParam("text") String text)
{
Map<String, Object> saveDocument = RequestValidation.validateSave(name, password, text);
if ((boolean) saveDocument.get("INVALID")) return saveDocument; // Validation Failed
else // Validation Successful
{
name = (String) saveDocument.get("CLEAN_NAME");
text = (String) saveDocument.get("CLEAN_TEXT");
saveDocument.clear();
Dungeon dungeon = repository.findByNameIgnoreCase(name);
if (dungeon == null) // New User
{
saveDocument.put("DOCUMENT_TYPE", "SAVED");
dungeon = new Dungeon(name, AES256_GCM.encrypt(text, password), null);
repository.insert(dungeon);
return saveDocument;
} else // Existing Dungeon
{
if (AES256_GCM.decrypt(dungeon.getEncryptionData(), password) == null) // DECRYPT FAILURE
{
saveDocument.put("DOCUMENT_TYPE", "DECRYPT_FAILURE");
} else // Password Correct - Saved
{
saveDocument.put("DOCUMENT_TYPE", "SAVED");
dungeon.setEncryptionData(AES256_GCM.encrypt(text, password));
repository.save(dungeon);
}
return saveDocument;
}
}
}
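Review bot: `login` and `save` answer a wrong password with `DECRYPT_FAILURE` and an unknown name with `NEW_USER` or `SAVED`, so the endpoint tells an unauthenticated caller which names exist and lets passwords be checked against a known name, with no attempt limit visible in this file. If throttling is not already done elsewhere (a filter or reverse proxy not shown on this page), add a per-name and per-client attempt limit ahead of the `AES256_GCM.decrypt` calls in both methods. At minimum the response-code comments should record the trade-off, e.g. `* NOTE: NEW_USER vs DECRYPT_FAILURE discloses whether a name exists; requests must be rate limited`. Separately, `loginDocument.put("DUNGEON", dungeon)` presumably serializes the whole entity, including its encryption data; returning only `dungeon.getCleartext()` would keep the response to what the client needs. The class body starts outside the visible hunks.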


+ 42
- 2
src/main/java/planetrenox/controller/RequestValidation.java View File

@@ -14,7 +14,7 @@ public class RequestValidation
public static Map<String, Object> validateLogin(String name, String password)
{
Map<String, Object> loginDocument = new java.util.HashMap<>(Map.of(
"DOCUMENT_TYPE", "LOGIN",
"DOCUMENT_TYPE", "VALIDATION_FAILED",
"INVALID", false,
"EMPTY", false,
"NAME_LENGTH>60", false,
@@ -23,7 +23,7 @@ public class RequestValidation
"CLEAN_NAME", ""
));

loginDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.basic()));
loginDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText()));

if (name.length()>60)
{
@@ -48,4 +48,44 @@ public class RequestValidation

return loginDocument;
}

public static Map<String, Object> validateSave(String name, String password, String text)
{
Map<String, Object> saveDocument = new java.util.HashMap<>(Map.of(
"DOCUMENT_TYPE", "VALIDATION_FAILED",
"INVALID", false,
"EMPTY", false,
"NAME_LENGTH>60", false,
"PASS_LENGTH>128", false,
"ILLEGAL_CHAR", false,
"CLEAN_NAME", "",
"CLEAN_TEXT", ""
));

saveDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText()));
saveDocument.put("CLEAN_TEXT", Jsoup.clean(text, Whitelist.basic()));

if (name.length()>60)
{
saveDocument.put("INVALID", true);
saveDocument.put("NAME_LENGTH>60", true);
}
if(password.length()>128)
{
saveDocument.put("INVALID", true);
saveDocument.put("PASS_LENGTH>128", true);
}
if (name.equals("") || password.equals("") || text.equals(""))
{
saveDocument.put("INVALID", true);
saveDocument.put("EMPTY", true);
}
if (ILLEGAL_NAME_PATTERN.matcher(name).find())
{
saveDocument.put("INVALID", true);
saveDocument.put("ILLEGAL_CHAR", true);
}

return saveDocument;
}
}
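Review bot: `validateSave` caps `name` at 60 and `password` at 128 characters but puts no upper bound on `text`, so the only size limit on what reaches `Jsoup.clean`, `AES256_GCM.encrypt` and the repository is whatever the container enforces. A bound in the same style as the other checks would close that, e.g. `if (text.length() > MAX_TEXT_LENGTH) { saveDocument.put("INVALID", true); saveDocument.put("TEXT_TOO_LONG", true); }`, where `MAX_TEXT_LENGTH` and the key name are placeholders to be chosen by the project. Note also that the length and `ILLEGAL_NAME_PATTERN` checks run on the raw `name`, while the controller looks up and stores `CLEAN_NAME`; since cleaning may escape characters, validating the cleaned value (or rejecting input that cleaning changes) would keep the checked and stored strings identical. A short Javadoc on `validateSave` listing the keys it returns would help callers that cast the values, as `FormController` does.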

+ 11
- 5
src/main/resources/static/index.html View File

@@ -11,11 +11,17 @@
<body>

<div>
<input id="name" type="text" name="name">
<br>
<input id="password" type="password" name="password">
<br>
<input id="btn-login" type="button">
<input id="name" type="text" name="name">
<br>
<input id="password" type="password" name="password">
<br>
<input id="btn-login" type="button">
</div>

<div>
<textarea id="textarea" rows="4" cols="50"></textarea>
<br>
<input id="btn-save" type="button">
</div>




+ 32
- 7
src/main/resources/static/js/post.js View File

@@ -1,15 +1,40 @@
btn_login = document.getElementById("btn-login");
"use strict";

// LOGIN BUTTON
var btn_login = document.getElementById("btn-login");
btn_login.addEventListener("click", btnLoginEvent);

function btnLoginEvent(e) {
var name = document.getElementById("name").value;
var password = document.getElementById("password").value;
var xmlrequest = new XMLHttpRequest();
// SAVE BUTTON
var btn_save = document.getElementById("btn-save");
btn_save.addEventListener("click", btnSaveEvent);

// LOGIN EVENT
function btnLoginEvent(e)
{
let name = document.getElementById("name").value;
let password = document.getElementById("password").value;
let xmlrequest = new XMLHttpRequest();
xmlrequest.open("POST", "/");
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xmlrequest.send("name=" + name + "&password=" + password);
xmlrequest.onload = function ()
xmlrequest.send("type=login&name=" + name + "&password=" + password);
xmlrequest.onload = function () // not prod
{
console.log(xmlrequest.response);
}
}

// SAVE EVENT
function btnSaveEvent(e)
{
let name = document.getElementById("name").value; // not prod
let password = document.getElementById("password").value; // not prod
let text = document.getElementById("textarea").value;
let xmlrequest = new XMLHttpRequest();
xmlrequest.open("POST", "/");
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xmlrequest.send("name=" + name + "&password=" + password + "&text=" + text);
xmlrequest.onload = function () // not prod
{
console.log(xmlrequest.response)
}
}
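Review bot: Both `send` calls build the form body by plain concatenation, so any `&`, `=`, `+` or `%` in the name, password or text is interpreted as form syntax rather than data. For the password this is a silent weakening: a value containing `&` is truncated at that character and `+` arrives as a space, so the key is derived from something other than what the user typed. Encode each field, e.g. `xmlrequest.send("name=" + encodeURIComponent(name) + "&password=" + encodeURIComponent(password) + "&text=" + encodeURIComponent(text));` in `btnSaveEvent`, and the same for the two fields in `btnLoginEvent`. The `console.log(xmlrequest.response)` handlers are marked `// not prod`, but they write the decrypted document to the console and should be removed before this ships as a release.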
